Monday, December 29, 2014

Compliance and File Monitoring in EM12c

I was recently asked to help a customer set up File Monitoring in Enterprise Manager and I thought since I haven’t blogged in a while, this could be a good way to start back up again..
Enterprise manager 12c provides a very nice Compliance and File Monitoring Framwork. There are many Built in Frameworks include for PCI DSS and STIG but this How-to will only focus on a custom file monitoring framework.
Prior to Setting up Compliance features . Ensure that Privilege Delegation is set to sudo or whatever Privilege delegation provider you are using.  and Credentials for Realtime Monitoring are setup for hosts. All the Prereqs are explained here http://docs.oracle.com/cd/E24628_01/em.121/e27046/install_realtime_ccc.htm#EMLCM12307
Also important in the above link is how every OS interacts with these features.


Go To Enterprise -→ Compliance → Library

Create a New Compliance Standard



Name and Describe the Framework


You will see  the Framework Created


Now lets add some Facets to monitor > In this example I selected a tnsnames from my rdbms home


Below is a finished facet


Next lets create a rule that uses that facet

After Selecting the right rule lets Add more color

Lets add the facet that defined what file(s) will be monitored

For this example I will select all aspects  for testing but ensure that you have sized your respository as well as understand all the consequences  for each aspect





After defining the monitoring actions, you have the option to filtor and create monitoring rules based on specific events.
I will skip this for now
As we inch towards the end we can authorize changes and each event manually or incorporate a Change Management System that has a connector available in EM12c.

After We have completed this, we now have an opportunity to review the setting and then make this rule production.
Now lets create a Standard. We are creating a custom File Monitoring Standard With a RTM type Standard Applicable to host

We will add rules to the File Monitor . In this Case we will add the tnsnames rule we created to the Standard. You can add standard as well as rules to a Standard

Next Lets Associate Targets to this Standard.
You will be asked to confirm

Optionally now  you can add this to the compliance framework for one stop monitoring

Now that we have set everything up. Lets Test this. Here is the original tnsnames.ora
Lets add another tns entry

Prior to the change . here is that the Compliance Results Page Looks Like. As you can see the evaluation was successful. And we are 100% compliancet



Now  If If go to Compliance -> Real time observations . I can see that I didn’t install the Kernel module needed for granular control and this cannot use certain functionality

So I’m going to remove these from my rule for now.
Now I have made a whole bunch of changes including even moving the file. It is all captured .

There are many changes here and we can actually compare what changed
If you select unauthorized as the audited event  for the change the compliance score drops and you can use it for see how many violations for a given rule happen.

In Summary. Em12c Provides a very robust framework of monitoring compliance standards as well as custom created frameworks to ensure your auditors and IT Managers are happy.


Friday, April 11, 2014

HeartBleed and Oracle

There are a lot of people asking about Heartbleed and how it has impacted the web.
Oracle has published  MOS Note 1645479.1 that talks about all the products impacted and if and when fixes will be available.
The following blog post is also a good reference about the vulnerability.  https://blogs.oracle.com/security/entry/heartbleed_cve_2014_0160_vulnerability



Tuesday, April 01, 2014

User Groups and Speaking About Support and diag tools.

The Chicago Oracle Users Group (COUG) is finally in its reboot mode. Thanks to Alfredo Abate for taking on  the responsibility and bringing the enthusiasm to bring the community back together.  Jeremy Schneider has blogged about this here .  There is a Linked in Group now open for business and i would recommend every one to contribute and lets make this reboot a success.

I am also going to be presenting  at the Ohio Users Group on April 17th along with Jeremy Schneider. The Details of the Event can be found at http:///www.ooug.org. If you are in the area, Please stop by and say hi. I'll be talking about various support tools that Oracle has and how to use them effectively.



Monday, February 03, 2014

Collaborate 14 and Vegas

Collaborate 14 is coming soon and i can tell you that it is an excellent content learning and networking opportunity.  I have been going to collaborate for a while and have found it to be not only a place to learn but also to network with my peers .  We built the team to write the Practical Oracle Database Appliance  which is available here at Collaborate 13 and were able to deliver a book  with authors all across the world as a team effort.
I would highly encourage everyone to consider Collaborate 14 as a way to be part of the wonderful Oracle Community and talk to people ,  listen to people, learn and teach others and foremost volunteer. Hey did i mention its in VEGAS. 
Early Bird Registration ends February 12 , So please pass this along and use My Name Fuad Arshad as a referrer.  Adam Savage is the Keynote speaker which is going to be AWESOME.

Monday, January 27, 2014

Changes and Book

I just realized that i have not blogged in a very long time. This has been partly because i switched jobs and started working for Oracle.  it has been an interesting six months and i have been enjoying the challenge of working with various customer and helping them solve problems.
The other thing that has been an important milestone in my career is the publishing of a book that collaborated with a very fine team of individuals with . The book is a collection of our experiences and passion with the Oracle Database and is called Practical Oracle Database Appliance. You can pre-order the book at Amazon with a link available below. I will be trying to blog more about various aspects of my new job and interesting stuff above Exadata as i learn them


Google Search

Powered By Blogger